Boards don’t want cyber metrics — they want threat alerts

“To begin with, the board solely cares about cash,” Hamilton tells CSO. “They don’t care about scary Russian cyber buffer overflow stuff. They care about cash.”

“Whereas the CISO could also be fascinated with metrics like mean time to detect, mean time to respond, issues like that, boards are charged with defending enterprise worth. Detection velocity, vulnerability management, and phishing resilience matter more to them because they restrict monetary loss, regulatory publicity, and operational disruption,” he says. “What they actually wish to know is how we’re decreasing the probability of these unhealthy outcomes that have an effect on the enterprise.”

Bejtlich, on the other hand, argues that boards can engage with a range of operationally grounded, governance-relevant metrics, including the number of intrusions over a given period. These figures become meaningful when paired with consequence. “Was it a breach, or was it merely unauthorized entry with no consequence?” Bejtlich says.
